2 Replies Latest reply on Feb 22, 2007 9:34 AM by penguine

Problems ejb call and jaxrpc / principal

penguine Feb 20, 2007 12:30 PM

Hallo Thomas,

The HelloBean in my/your example:

String urlstr = "http://localhost:8080/ws/RoleSecured?wsdl";
String argument = "testmich";

System.out.println("Contacting webservice at " + urlstr);

URL url = new URL(urlstr);

QName qname = new QName("http://hello.ws.jboss.org/", "HelloService");

ServiceFactory factory = ServiceFactory.newInstance();
Service service = factory.createService(url, qname);

Hello hello = (Hello) service.getPort(Hello.class);

Stub stub = (Stub) hello;

stub._setProperty(Stub.USERNAME_PROPERTY, "kermit");
stub._setProperty(Stub.PASSWORD_PROPERTY, "thefrog");

System.out.println("hello.hello(" + argument + ")");
System.out.println("output:" + hello.hello(argument)); <-- here the exception occurs

I become the following error:

Contacting webservice at http://localhost:8080/ws/RoleSecured?wsdl
hello.hello(testmich)
java.rmi.RemoteException: Call invocation failed with code [Client] because of: java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=null, ejbName=HelloBean, method=hello, interface=SERVICE_ENDPOINT, requiredRoles=[friend], principalRoles=[]; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=null, ejbName=HelloBean, method=hello, interface=SERVICE_ENDPOINT, requiredRoles=[friend], principalRoles=[]
at org.jboss.ws.common.CommonClient.invoke(CommonClient.java:331)
at org.jboss.ws.jaxrpc.CallImpl.invokeInternal(CallImpl.java:560)
at org.jboss.ws.jaxrpc.CallImpl.invoke(CallImpl.java:338)
at org.jboss.ws.jaxrpc.CallProxy.invoke(CallProxy.java:148)
at $Proxy0.hello(Unknown Source)
at de.mycompany.it.webservice.test.TestHelloClientII.main(TestHelloClientII.java:67)
Caused by: javax.xml.rpc.soap.SOAPFaultException: java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=null, ejbName=HelloBean, method=hello, interface=SERVICE_ENDPOINT, requiredRoles=[friend], principalRoles=[]
at org.jboss.ws.jaxrpc.SOAPFaultExceptionHelper.getSOAPFaultException(SOAPFaultExceptionHelper.java:100)
at org.jboss.ws.common.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:574)
at org.jboss.ws.common.CommonClient.invoke(CommonClient.java:319)
... 5 more
Exception in thread "main"

If I do a normal lookup to my bean as you do it in your examples it works.
But if I try to use the webserver to access the wsdl like my example above I don´t have a valid principal setting.

1. Re: Problems ejb call and jaxrpc / principal

penguine Feb 20, 2007 12:38 PM (in response to penguine)

The problem occurs in jboss-4.0.5GA.
I try it with jbossws-1.0.4.GA, too.
my example herer is with the newer jbossws version, jbossws-1.0.4.GA.
Actions
2. Re: Problems ejb call and jaxrpc / principal

penguine Feb 22, 2007 9:34 AM (in response to penguine)

if I use in the ejb-jar.xml
<method-permission>
<method-permission>

instead of
<method-permission>
<role-name>friend</role-name>

it works.

And I have to disabled the http authorization for my example:

<port-component>
<port-component-name>RoleSecured</port-component-name>
<port-component-uri>/ws/RoleSecured</port-component-uri>

</port-component>
Actions

Go to original post